Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

ChriFrie
New Contributor

Created on ‎08-24-2016 09:24 AM

FortiClient EMS

Hey,

Is it possible to write compliance rules with the FortiClient / FortiClient EMS endpoint control that requires certain 3rd party applications be installed?  I know it can require anti-virus and windows updates, but I'm specifically looking for other software be installed on the endpoints.

Thanks,

Chris

Labels:
545
0 Kudos
3 REPLIES 3
joe_FTNT
Staff
Staff

Created on ‎08-24-2016 09:41 AM

It’s actually a function of the FortiGate in 5.4.1 since it is considered the Compliance Enforcer in the solution. You actually configure this in the CLI of the FortiGate and then FortiClient will take the instruction from there. For more information, see the FortiOS CLI guide.

The answer to your question though is yes, this is supported. You will take the hash of the executable of your application and require that the application be present before endpoint is considered compliant.


Joe Martins
Product Specialist, CISSP, APT Solutions

[Fortinet]
________________________________
E: jmartins@fortinet.com<mailto:jmartins@fortinet.com>
M: 925.389.8345

899 Kifer Road | Sunnyvale, CA 94086
________________________________

www.fortinet.comhttp://www.fortinet.com [Twitter] <http://www.twitter.com/fortinet> [LinkedIn] <http://www.linkedin.com/company/fortinet> [Facebook] <http://www.facebook.com/fortinet> [YouTube] <http://www.youtube.com/user/SecureNetworks> [Google+] <https://plus.google.com/+fortinet>


From: "Chris Friesen via forticlient.public" >">mailto:forticlient.public@fuse-lists.fortinet.com>>
Reply-To: "forticlient.public@fuse-lists.fortinet.com<mailto:forticlient.public@fuse-lists.fortinet.com>" >">mailto:forticlient.public@fuse-lists.fortinet.com>>
Date: Wednesday, August 24, 2016 at 2:24 PM
To: "forticlient.public@fuse-lists.fortinet.com<mailto:forticlient.public@fuse-lists.fortinet.com>" >">mailto:forticlient.public@fuse-lists.fortinet.com>>
Subject: [forticlient.public] - FortiClient EMS
Resent-From: >">mailto:forticlient.public@fuse-lists.fortinet.com>>
Resent-Date: Wednesday, August 24, 2016 at 2:24 PM


Hey,

Is it possible to write compliance rules with the FortiClient / FortiClient EMS endpoint control that requires certain 3rd party applications be installed? I know it can require anti-virus and windows updates, but I'm specifically looking for other software be installed on the endpoints.

Thanks,

Chris

-----End Original Message-----
Joe Martins
Director Product Management
504
0 Kudos
ChriFrie
New Contributor
In response to joe_FTNT

Created on ‎08-25-2016 06:40 AM

Hey Joe,

Thanks for getting back to me.  If it's a function of the FortiGate, is the process the same in 5.2.3?

Chris

504
0 Kudos
joe_FTNT
Staff
Staff
In response to ChriFrie

Created on ‎08-25-2016 06:48 AM

In FortiOS 5.2.3 it is limited to Host Check over SSL VPN. If you search the FortiOS 5.2.x guide (or CLI Reference Guide) for 'Host Check' you will see what sort of options you have for posture checking. I do not think that in 5.2.x we have the ability to look for a specific application by hash value, but there might be the ability to look for a registry key.

Joe Martins
Director Product Management
504
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.